Security On The Web Term Paper

Length: 8 pages Sources: 1+ Subject: Education - Computers Type: Term Paper Paper: #40603435 Related Topics: Social Security, Computer Viruses, Information Security, Security
Excerpt from Term Paper :

Internet: Security on the Web

Security on the Web -- What are the Key Issues for Major Banks?

The age of digital technology -- email, Web-driven high-speed communication and information, online commerce, and more -- has been in place now for several years, and has been touted as a "revolutionary" technological breakthrough, and for good reason: This technology presents enormous new business opportunities. For example, by moving the key element of marketing and sales from local and regional strategies onto the global stage, and by providing dramatically improved customer convenience, the Web offers medium, small and large companies -- including banks -- unlimited growth potential.

That having been said, there are problems associated with online services, in particular online banking services, and security is at the top of the list of these issues. Some of the most serious security issues associated with Web-banking keep customers away from this technology, in fear of money being stolen and privacy taken away.

But indeed, there are solutions, in many cases, for banks that employ the latest security-related technologies; there are several successful strategies banks have embarked upon in regard to security for their customers who chose to use online services.


The Internet's History: Before there could be online banking, of course there needed to be an Internet, and a World Wide Web. The story of the Internet begins shortly after the Soviets jolted the American scientific community by successfully launching the satellite Sputnik, in October, 1957. President Dwight Eisenhower quickly established the Advanced Research Projects Agency (ARPA) within the defense department, to bring together the best scientific minds in an attempt to counter the Soviets' technological breakthrough (not necessarily, as some reports have suggested, to ward off a nuclear attack). According to the Web site (Internet Pioneers, 2004), the ARPA launched the ARPANET, later to become a computer-linked network for scientists and military experts.

From those early origins of the Internet development, Bob Metcalf (in 1973) invented Ethernet, and the mouse shortly thereafter was the brainchild of Douglas Englebart, leading up to 1974, when Vint Cerf ("the father of the Internet") wrote "a new protocol, TCP (Transmission Control Protocol), which was the catalyst to allow "various networks to connect into a true 'internet'," the article explains.

The World Wide Web (WWW) was founded in 1990, by Tim Berners-Lee, and by December, 1998, 26.2% of American households had the Internet hooked up for frequent use, according to the Department of Commerce (Petry, 2000).

As of today, there are approximately 185 million Americans with Internet access, and world-wide, an estimated 934 million individuals are online (, according to Jupiterimages data gleaned from the Computer Industry Almanac.

Meanwhile, with this huge army of Internet users in place and believing in the power of cyberspace -- and most of them needing banking services of one kind or another -- the banking industry has been hustling to offer secure services since around 1995. The Royal Bank of Canada (RBC) reports that "The first national computer banking service in Canada, PC Banking, was rolled out ... In late 1996" ( 2004).

Now that nearly all banks offer services such as online bill payment, account management, loan applications and more, there are serious security breaches being reported, and while some customers are victims of online theft, other customers, justifiably, are extremely nervous. This paper will report on the various ways in which personal bank accounts -- and banks per se -- are being compromised by thieves. And, this paper will offer solutions for customers and banks when it comes to safety and security online, and to the protection of customer privacy.

Online Banking: The Problems, the Concerns, and the Possible Solutions

A very recent article from News Factor Network (Arnfield, 2005), published in Yahoo! News, provides some overall perspective on the present and future safety and security of online banking services. In the article, the high-visibility U.S. anti-virus company, McAfee, through its emergency response team, Avert, reports that around "50 new viruses -- of varying risk assessments -- were discovered every day during the first half of 2004."

Moreover, in 2004, the article continues, "the rise in viruses, worms,


These vulnerabilities are partly due, Gulloto asserts, to "a general lack of awareness in regard to adware ... " as well as hackers taking advantage of "a general lack of consumer awareness" regarding Internet attacks.

Meanwhile, an article in the American Banker reports on the results of a recent Federal Deposit Insurance Corporation (FDIC) survey, which found that "an estimated 1.98 million U.S. adult Internet users experienced an unauthorized transfer from their checking account ... " (Bergman 2004) in a 1-year period ending April, 2004. The survey also found that "unauthorized access to checking accounts was the fastest-growing ... " of the five types of consumer fraud Americans experienced in 2004.

Given these very recent data, the key question for today's banking institution and banking consumer should be: "How secure are your online banking services?" After careful research and analysis of the issues involved, the honest answer, in many cases, will be, "not very secure at all"; notwithstanding the fact that banks are trying their best to convince consumers that online banking is secure, the news is not good.

It is indeed surprising -- and disheartening -- to research the literature and learn that banks are very vulnerable to Internet crime, despite their slick marketing efforts to assure consumers that online accounts are safe. Moreover, it appears that every time the banking industry believes it has licked a particular security breach, the hackers and thieves out there in cyberspace devise another tool to beat the latest stopgap security measure employed by banks. And unless banks can stay ahead of these crafty scammers, consumers -- who had been expected to flock to online banking services in droves -- may be content to actually drive down to the bank to make their transactions and deposits, and to pay their bills the old-fashioned way: by "snail mail" or in person.

There is a great deal of literature available as back up to the position taken in the two preceding paragraphs. To wit, according to research conducted by the publication, The Banker (Skinner, 2004), " ... 57 million adults in the U.S. received a fraudulent email as of May 2004" connected with their online banking services, and the trends clearly show that unscrupulous Web thieves are getting "more and more sophisticated."

Those "fraudulent" emails are part of an online con game called "phishing," which is basically an email received which announces that "your account will be suspended unless you click here now," Skinner writes. An unsuspecting, unsophisticated consumer immediately clicks into "what looks like the bank's website," enters his login, password and his security settings "without realizing that all the details" are funneled into a hacker's computer -- and funds may well soon be stolen as a result.

Using information provided by the Anti-Phishing Working Group (APWG), Skinner writes that phishing attacks increased "50% a month" in the first half of 2004, with the principal targets being "banks, eBay, and PayPal." The phishing attacks are adding up to a staggering loss of $1.2 billion a year in Web-related fraud, Skinner concludes.

Where did the term "phishing" come from? There is a good explanation in the APWG's Web site ( phishing comes from the "analogy that Internet scammers are using email lures to 'fish' for passwords and financial data" from the millions of Internet users around the globe. The term actually was launched in 1996, the APWG explains, by hackers who ripped off AOL dial-up account users back when the enthusiasm over having email technology tended to blind the new user to the danger posed by crooks who were lurking in the "alleyways" of cyberspace.

'Ph" is commonly used by hackers, APWG's site points out, as a replacement for "f" -- and "is a nod to the original form of hacking, known as 'phreaking', which was coined by the first hacker, John Draper (AKA, 'Captain Crunch')." (Draper reportedly invented hacking by breaking into telephone systems electronically in the early 1970s.)

Hackers became so adept at their trade that by 1997, "phish" were "actually being traded" as a form of hacker currency, the APWG report continues. Hackers would "routinely" trade ten "working AOL phish" for some form of hacking software they needed to continue their unscrupulous careers.

Another tool in the hands of the hackers and thieves is "script injection" -- which is a system where hackers insert "text frames in the official Web sites of banks," Skinner explains. The customer at home logged onto a laptop believes that the official details and designs on the bank's Web page on the computer screen are real -- when in fact some of that data have been inserted into the bank's Web pages by groups like "Gangs 'R' Us." Hence, the links available take…

Sources Used in Documents:


Anti-Phishing Working Group (2004), "Committed to wiping out Internet scams and fraud: Origins of the Word 'Phishing'," Available:

Arnfield, Robin (2005), "McAfee Warns on Top Viruses," (News Factor Network / Yahoo! News), Available: cid=75& u=/nf/20050104/tc_nf/29450& printer=1.

Bergman, Hannah (2004), "FDIC Offers, Solicits Ideas on Stopping ID Theft," American Banker, vol. 169, no. 240, p. 4.
Internet Pioneers (2004), Available:
JupiterImages (2004), "Population Explosion: Worldwide Internet Population 2004," Available:

Cite this Document:

"Security On The Web" (2005, January 07) Retrieved January 21, 2022, from

"Security On The Web" 07 January 2005. Web.21 January. 2022. <>

"Security On The Web", 07 January 2005, Accessed.21 January. 2022,

Related Documents
Security Issues in Cloud Computing
Words: 1450 Length: 5 Pages Topic: Education - Computers Paper #: 95023300

Despite these concerns however the world's largest companies still actively promote and routinely hype the value of cloud computing without mentioning the myriad of risk associated with this platform, despite its continual maturation from a security and stability standpoint [2]. An example of this is type of hype is when Microsoft's Steve Balmer described cloud computing as the next frontier and Dr. Ajei Gopal verified that the cloud is there

Security in Cloud Computing
Words: 3274 Length: 10 Pages Topic: Education - Computers Paper #: 13618479

Security in Cloud Computing Security issues associated with the cloud Cloud Security Controls Deterrent Controls Preventative Controls Corrective Controls Detective Controls Dimensions of cloud security Security and privacy Compliance Business continuity and data recovery Logs and audit trails Legal and contractual issues Public records The identified shortcomings in the cloud computing services and established opportunities for growth regarding security aspects are discussed in the current research. The security of services is regarded as the first obstacle. The opportunity for growth is provided as combination

Security Breach Case Scenario 1: Security Breach
Words: 1969 Length: 7 Pages Topic: Business - Management Paper #: 21358624

Security Breach Case Scenario 1: Security Breach Hospitals have the opportunity and responsibility to integrate sound policies and procedures in relation to the protection of the confidential client information (Rodwin, 2010). St. John's Hospital in no different to this notion has the organization seeks to enhance the security and confidentiality of the information of its clients. The organization is a role model to other institutions within the geographical area on the essential

Security for Networks With Internet Access
Words: 4420 Length: 12 Pages Topic: Education - Computers Paper #: 31313380

Security for Networks With Internet Access The continual process of enterprise risk management (ERM) has become an integral component of successful organizational assessment, because the process of accurately identifying various risk factors, and interpreting their potential advantages and disadvantages, ensures that a business remains capable of anticipating and addressing internal and external contingencies. The following ERM implementation plan for the security of internet-accessible networks is intended to provide a navigable framework

Security Monitoring Strategies Creating a Unified, Enterprise-Wide...
Words: 1131 Length: 3 Pages Topic: Business Paper #: 78943277

Security Monitoring Strategies Creating a unified, enterprise-wide security monitoring strategy for any organization must be based on a series of strategic goals and objectives that encompass every functional area and system of a business. The intent of this analysis is to define the objectives that must anchor a security monitoring strategy to ensure its success, followed by specific recommendations for security monitoring of each major functional area. Defining Security Monitoring Strategies For an

Web Conferencing Security Analyzing the
Words: 797 Length: 3 Pages Topic: Education - Computers Paper #: 44357505

The U.S. Department of Defense was instrumental in the definition of this technology and also has led in tis adoption globally (Xirasagar, Mojtahed, 2010). Figure 1: Comparing Tunneling Configurations in IPSec vs. SSL VPN Configurations Source: (Opus Consulting, 2007) Figure 1 illustrates how both VPN and IPSec work in secured Web conferencing configurations. Both of these approaches can drastically reduce the level of risk associated with video conferencing today. Increasingly these technologies are